from the we-need-to-stand-up dept

I've been quite clear how I feel about Donald Trump's awful executive order that places a blanket ban on people entering the US (even if they had valid visas) from 7 countries, including a permanent block on Syrian refugees. Tons of people have been protesting this decision, and multiple courts have ruled against it. There has been some discussion over whether or not the tech industry was really going to stand up against this move, and some of the early statements about the executive order were a bit weak. However, late Sunday night, basically the entire technology industry (plus some companies from other industries as well) signed onto an amicus brief calling the order illegal and unconstitutional (technically, it's a motion asking for permission to file the amicus brief, with that brief attached).

The brief was filed in the Ninth Circuit appeals court, which is one of the first appeals courts considering the executive order, after a federal judge in Seattle issued a nationwide temporary restraining order on enforcing the exec order. On Sunday, the appeals court refused to reverse the lower court, keeping the TRO in place. However, it also gave both parties (the lawsuit itself was filed by the state of Washington) a very quick turnaround time to file written arguments to be considered.

Given that incredibly short time frame, the fact that 97 companies -- including some of the world's largest -- but also some tiny ones, like the Copia Institute (the think tank arm of Techdirt), were able to come together and not only get a detailed amicus brief together, but also get sign on from all of those companies (on Super Bowl Sunday, no less), is impressive. Having been through the process in which amicus briefs with multiple signers has been done before, normally there's lots of hemming and hawing from different companies and nitpicking over certain choices. It takes a lot of effort. Update: Another 30 companies have signed on as well.

But this issue was so important and so core and fundamental to our basic values, that basically the entire industry came together and signed onto this. You name the company, and it's probably signed on. There are the big guys: Google, Facebook, Microsoft and Apple (despite a false Washington Post article that claimed none of them had signed on). There are lots of other huge names as well, including Twitter, Snap, Uber, Airbnb, Lyft, Dropbox, Cloudflare, Box, eBay, GitHub, Kickstarter, Indiegogo, Medium, Mozilla, Patreon, Paypal, Pinterest, Reddit, Salesforce, Spotfy, Stripe, Wikimedia, Yelp, Y Combinator and many, many more. Update: Among the notable companies in the "late" sign on, were SpaceX, Tesla, Slack, Pandora, Adobe, HP, Evernote, Udacity and more...

I highly recommend reading the full amicus brief -- which makes an economic argument, a moral argument and a legal argument all wrapped up in one.

Immigrants make many of the Nation’s greatest discoveries, and create some
of the country’s most innovative and iconic companies. Immigrants are among our
leading entrepreneurs, politicians, artists, and philanthropists. The experience and
energy of people who come to our country to seek a better life for themselves and
their children—to pursue the “American Dream”—are woven throughout the social,
political, and economic fabric of the Nation.

For decades, stable U.S. immigration policy has embodied the principles that
we are a people descended from immigrants, that we welcome new immigrants,
and that we provide a home for refugees seeking protection. At the same time,
America has long recognized the importance of protecting ourselves against those
who would do us harm. But it has done so while maintaining our fundamental
commitment to welcoming immigrants—through increased background checks and
other controls on people seeking to enter our country.

[....]

The Order effects a sudden shift in the rules governing entry into the United
States, and is inflicting substantial harm on U.S. companies. It hinders the ability
of American companies to attract great talent; increases costs imposed on business;
makes it more difficult for American firms to compete in the international marketplace;
and gives global enterprises a new, significant incentive to build operations—
and hire new employees—outside the United States.

The Order violates the immigration laws and the Constitution. In 1965, Congress
prohibited discrimination on the basis of national origin precisely so that the
Nation could not shut its doors to immigrants based on where they come from.
Moreover, any discretion under the immigration laws must be exercised reasonably,
and subject to meaningful constraints.

There's much more in the full brief, and hopefully the court allows it and recognizes how momentous this is. I've never seen anything that so many tech companies have gotten behind (including things like SOPA), and this happened so fast that it is literally unprecedented. A whole bunch of people put in a tremendous effort to actually get this done (including more than a few having to miss the Super Bowl to get this done...). Andy Pincus from Mayer Brown deserves a specific shoutout for being the main lawyer putting the brief together.

We shall see what happens from here, but having basically the entire tech industry rise up in a single voice to say that this order is not right is nice to see. In this day and age, it's easy not to speak out and to just sit on the sidelines. But this is important, and when it mattered all of these companies spoke out.

from the this-is-a-concern dept

For the past few years, much of the internet industry had been mostly silent on CISA, or vaguely for it, mainly because it would provide them immunity from liability if they share too much information with the government. However, as more details have come out about CISA, making it clear that it's a surveillance bill, rather than any sort of cybersecurity bill, the internet industry has finally, mostly come out against it. It started with Salesforce.com, after people started protesting a letter it had signed saying it favored "cybersecurity" legislation, but without naming CISA. In response, Salesforce came out directly and said that it did not support CISA. Soon after that, the BSA (the Business Software Alliance, which now prefers to just be called "The Software Alliance"), which had put together the letter Salesforce signed, said that it did not support CISA (or any of the other cybersecurity bills that have been introduced). Soon after that, CCIA, which represents a bunch of internet companies, came out directly against CISA, saying:

CCIA is unable to support CISA as it is currently written. CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government. In addition, the bill authorizes entities to employ network defense measures that might cause collateral harm to the systems of innocent third parties.

This bill is toxic. The public hates it and tons of tech companies are against it, but Congress keeps trying to ram it through. Now that we know that Facebook lobbyists are working behind the scenes to get it passed, it makes more sense why Congress keeps coming back to it.

Facebook’s chief Senate lobbyist, Myriah Jordan, worked as General Counsel for CISA's sponsor, Senator Richard Burr, right up until taking the job at Facebook. On her lobbying disclosures she lists “cybersecurity” as one of the issues she's been discussing with senators. These “revolving door” connections give companies more power and influence than ordinary people could ever have, and it’s part of the reason why companies like Facebook think they can get whatever they want out of Washington.

Several offices on the Hill have heard from Facebook that they support CISA. As much as we wish we could reveal our sources, we agreed not to (selective leaking is part of how the lobbying game works, unfortunately). But this information matches with everything we know about Facebook's love for CISA over the years. They backed the bill loudly before it was unpopular and then stayed silent as other big tech companies came out against it. We've asked them to state their position publicly, bu they have said nothing. Facebook has backed this from day one, and now they're the lone tech voice still working to make sure it passes.

This would seem to be very unfortunate if it's true, and hopefully Facebook reconsiders. While Apple, Twitter, Yahoo, Google, LinkedIn and others have been quite vocal in fighting back against government surveillance, Facebook has been much less involved in those fights -- despite the fact that it often has more information than those other players. Facebook seems increasingly out of step with the rest of the internet industry in making sure that protecting the privacy of their users against government surveillance is a top priority. Hopefully, the company changes its position on this.

Update: For what it's worth, Facebook is now denying the story, saying that it has not taken a position either for or against CISA (and doesn't seem interested in doing so either way). That still seems like an odd position to take given that most of the other companies in the industry have come out against the bill. And, in addition, I've now heard from others on Capitol Hill as well supporting the statements from Fight for the Future that Facebook is considered to be in favor of CISA, though it's not clear if the company has been actively lobbying for it.

For years, legislators have been attempting to grant themselves permission to strong-arm tech companies into handing over all sorts of information to the government under the guise of cybersecurity. CISPA, CISA, etc. The acronyms come and go, but the focus is the same: information sharing.

Of course, the promise of equitable sharing remains pure bullshit. Tech companies know this and have been understandably resistant to the government's advances. There are few, if any positives, to these proposed "agreements." The government gets what it wants -- lots and lots of data -- and the companies get little more than red tape, additional restrictions and fleeing customers.

U.S. government officials say privately they are frustrated that Silicon Valley technology firms are not obtaining U.S. security clearances for enough of their top executives, according to interviews with officials and executives in Washington and California. Those clearances would allow the government to talk freely with executives in a timely manner about intelligence they receive, hopefully helping to thwart the spread of a hack, or other security issues.

The lack of cooperation from Silicon Valley, Washington officials complain, injects friction into a process that everyone agrees is central to the fight to protect critical U.S. cyberinfrastructure: Real-time threat information sharing between government and the private sector.

Before dealing with the questionable promise of "real-time threat information sharing," let's deal with the supposedly minor requirement of security clearances. It's not as if this won't impose undue burdens on tech company leaders, especially when they already have a pretty good idea this stipulation will be a major hassle followed by continued opacity from a government that's 90% lip service and 10% outright lying. Tech execs are being asked to make all the effort and hope against hope there will actually be some benefits.

"I believe that this is more about the overclassification of information and the relatively low value that government cyberintel has for tech firms," said one Silicon Valley executive. "Clearances are a pain to get, despite what government people think. Filling out the paper work … is a nightmare, and the investigation takes a ridiculous amount of time."

[...]

"I think tech companies are doing a return-on-investment analysis and don't think the government intel is worth the cost or effort," said the Silicon Valley executive. "This is why government threat signature sharing initiatives are such a nothing-burger: The signatures are of limited value and only a few select companies with clearances can actually use them."

The clearance process can easily take over a year. The application runs 127 pages and asks a mixture of questions ranging from highly-intrusive to facially-ridiculous.

[This question seems to disqualify nearly every law enforcement officer in the United States.]

And that's just the start of the process. The rest of the vetting process takes several months, and there's no guarantee the executives the government wants to obtain clearance will actually be cleared to discuss classified information.

And even if these clearances are obtained, the benefits are unproven and suspected to be minimal. On the other hand, the downsides are enormous. As Marcy Wheeler points out, clearances may open up discussion channels with law enforcement and intelligence agencies, but they also create additional restrictions for those carrying these privileges -- the breach of which can result in severe consequences. In light of the inequitable "sharing" envisioned by many tech companies, the hassle just isn't worth it.

Because it’s not just that the security clearance application that is unwieldy. It’s that clearance comes with a gag order about certain issues, backed by the threat of prison...

Why would anyone sign up for that if the tech companies have more that the government wants than the government has that the tech companies need?

On top of this, there's the bottom line to consider. The information that may or may not flow back to tech companies won't do much to offset the perception that company executives are willingly buddying up with the US intelligence community. In the post-Snowden world, this could mean the loss of customers, future contracts and sensitive foreign markets.

The government has yet to offer anything Silicon Valley wants in exchange for additional burdens, greater secrecy and increased demands for customer data. The government is better at taking than it is at giving, and no amount of cyberterrorism hand-wringing is going to change that reality.

from the leaks-docs,-leaking-dollars dept

The NSA continues to "save" the United States from terrorism by making it weaker. Not only has the agency actively undermined encryption standards, but its willingness to insert backdoors and spyware in any piece of hardware or software it can get its hands on has severely damaged the world's trust of American technology.

Cloud computing providers have already felt the aftershocks of the Snowden leaks. An Open Technology Institute report published a year after the first revelation noted that many had already seen a drop-off in sales and predicted that the backlash against the NSA's surveillance tactics could cost companies anywhere from $22-180 billion over the next three years.

China has dropped some of the world's leading technology brands from its approved state purchase lists, while approving thousands more locally made products, in what some say is a response to revelations of widespread Western cybersurveillance.

Chief casualty is U.S. network equipment maker Cisco Systems Inc, which in 2012 counted 60 products on the Central Government Procurement Center's (CGPC) list, but by late 2014 had none, a Reuters analysis of official data shows.

Smartphone and PC maker Apple Inc has also been dropped over the period, along with Intel Corp's security software firm McAfee and network and server software firm Citrix Systems.

It's certainly no surprise that Cisco would be one of the first dropped by foreign purchasers wary of NSA meddling. A leaked document detailing the agency's hardware interdiction program contained a photo of operatives carefully unwrapping a box full of hardware destined for NSA spyware implants. While the faces of the agents may have been blurred, the logo on the box was not. As the story spread across the internet, one conclusion was drawn: Cisco products are not "safe."

The fact that foreign hardware may arrive loaded with spyware and backdoors isn't the only thing prompting the Chinese government to drop nearly half of its overseas security-related tech suppliers. There's also the ongoing tension between the US and China, which has devolved into each country accusing the other of inserting backdoors into exported tech. It appears both sets of accusations are correct, but for years it was largely assumed that China was mostly alone in these efforts.

China also has a domestic market it would like to expand, which will now get a leg up from the government. As it eyes an increased exports, it is likely aware that many foreign governments and other potential purchasers consider its exports no more "secure" than NSA-infected tech shipping from the US. Purchasers will find themselves taking the "lesser of two evils" approach when seeking to obtain tech products -- something that won't always work out in favor of American companies.

Cisco has openly stated that "geopolitical concerns" -- like the NSA's interception of its products destined for foreign markets -- have led to a downturn in sales. Other affected companies like Intel have yet to issue official statements detailing any NSA-related impact on their sales, but it's clear the last 18 months of leaks have done little to raise their future expectations. OTI's wide-open estimate on potential losses will probably never achieve sharper focus. It's unlikely former customers are going to clearly state that unrenewed contracts or supplier list culls are due to the NSA's actions, but surveys have indicated this concern does factor heavily into purchasing decisions.

The leaks aren't going to stop, and what is already in the public domain will continue to take its toll. Just as certainly, the NSA isn't going to stop looking for ways to circumvent encryption or compromise hardware. At this point, there's no way any company can claim with certainty that they have avoided becoming part of any government's intelligence apparatus -- and that's going to hurt them for years to come.

from the come-on-by dept

We've talked plenty about the near total failure of the NSA and others in the intelligence community to consider the costs associated with their "collect it all" mentality. Much of the intelligence community's views seem based on the idea that the surveillance efforts would always remain totally secret. The NSA, in particular, appears to have never thought it possible that something like the Snowden revelations might happen, and the intelligence community still seems to be scrambling to figure out what to do in response. In the meantime, however, the impact on the internet has been very real and ongoing. Senator Ron Wyden -- who was one of very, very, very few politicians in DC to be talking out (loudly) about this prior to Snowden -- is coming to Silicon Valley tomorrow for what looks to be quite a discussion with some top execs from the tech industry about the "impact of mass surveillance on the digital economy."

With Senator Wyden will be Google chairman Eric Schmidt, Microsoft General Counsel Brad Smith, Facebook General Counsel Colin Stretch, Dropbox General Counsel Ramsey Homsany and Greylocks' John Lilly (former Mozilla CEO). In other words, it's a pretty high level gathering -- and it's open to the public. I'll be there to cover it for Techdirt, but for anyone in Silicon Valley, feel free to register to attend.

from the a-reminder dept

I know that it's become a bit too tempting for lots of people to declare this or that tech policy issue "the next SOPA," but the response over the last few weeks to the FCC's upcoming rulemaking on "the open internet" and net neutrality certainly feels a lot closer than pretty much any previous issue. David Carr has a writeup over at the NY Times that explains the situation most succinctly -- with a truly key point being buried deep in the middle, in which he recaps the SOPA story. I'll bold the key line:

In the debate between the Beltway vs. the Valley, my money is on the Valley. Remember in 2012 when a clueless Congress lumbered into Internet regulation by coming up with SOPA and a companion bill in the Senate (the Protect I.P. Act)? The entertainment companies that backed the legislation thought it was no big deal, but then a group of Silicon Valley players — many of the same ones who are now coalescing to oppose new Internet regulations — unleashed their user base and a huge wave of protest erupted. Both bills went down hard.

In the weeks after the SOPA debacle, I was at the Sundance Film Festival and then in Hollywood, talking with entertainment executives. They looked like extras from “The Walking Dead,” with bite marks all over them. They didn’t know what hit them because they did not understand the intimate relationship that the Valley has with its customers.

Way too much digital (and real) ink has been spilled that totally missed the point concerning the SOPA battle, arguing that it was the "tech industry" or "Silicon Valley" taking on Hollywood. But, as we noted many times, that was never the situation at all. It was the users of those internet services who led the way, with the companies joining in after the fact. Many people on the other side of these battles still don't realize how much has to do with the users first. They assume, incorrectly, that it's all about lobbying dollars, but miss out on the simple fact that a large public outcry beats lobbyists every time.

In the end what matters is votes. Lobbyists win on issues where there is no public outcry because in those situations its easier to keep the lobbyists happy. But when the wider public gets activated, politicians know that votes come first, and lobbying can't stop the tidal wave of public support on an issue. And that's where those not paying attention get confused. They don't realize that many people really, really love the services that the tech industry has built. People have very positive emotional attachments to them -- and that's often because those services provide amazing connections and interactions and do so without giving people the feeling of being ripped off.

That's usually not true with things like entertainment and it's especially not true with broadband.

Yes, some people argue that because users "don't pay" for many internet services, the services don't actually have their best interests in mind, but that's just wrong. The reason these internet services are so successful is that they build great products that users love -- and they often give them away for no monetary exchange, based on alternative business models. You can argue about whether or not those business models are fair, but to argue that these companies don't try to build great products for their users is simply incorrect.

And, because of that, when there are issues where the interests of the public and these tech companies align -- those on the other side may discover just how difficult it is to play the same old lobbying game. When the public gets moving on an issue, old style lobbying games get steamrolled. Whether or not that happens with net neutrality remains to be seen, but many of the same initial ingredients are certainly in place.

Mucking with a functioning internet is just not a good idea.

We don’t want two Internets — a good one and a bad. We want the money and investment to flow toward a single infrastructure that works rapidly and efficiently, as it does in so many other countries. It should be a medium in which videos of your niece dancing to Beyonce, streaming coverage of Occupy Wall Street and “House of Cards” all play smoothly when you hit a button.

Given the mounting opposition, the F.C.C. commissioners would be well advised to delay any changes this Thursday. And if they don’t, they may end up starring in a sequel: “SOPA II: When Nerds Bite Back.”

from the don't-fail-us-fcc dept

As the net neutrality debate has kicked into overdrive, over 100 internet companies -- including most of the big names such as Google, Facebook, Twitter, Microsoft, Netflix, Amazon, Ebay, Reddit, Automattic, Yahoo, Kickstarter, as well as many smaller names, such as us here at Floor64/Techdirt -- have all signed onto a letter to the FCC asking it to actually suck it up and protect the open internet. Consider this a warning shot to the FCC from the internet community. The community knows what's at stake in this fight and it's watching closely what the FCC does. Having helped to get some of the companies to sign on, I can say that many leaders at companies are both very informed on the topic, and very engaged about it. If the FCC thinks it can sneak one by the tech community, that may be more difficult than it expects.

Along those lines, one FCC commissioner, Jessica Rosenworcel, has suggested that the FCC should put the brakes on its net neutrality plans to think things through a bit more carefully -- though apparently FCC boss Tom Wheeler has rejected that idea and plans to move forward with his rule-making proposal next week.

from the say-goodbye dept

There's been a lot of talk on various tech sites over the past few days concerning the disgraceful situation involving internet ad giant RadiumOne and its CEO Gurbaksh "G" Chahal. Chahal was arrested last year and charged with 45 counts for apparently beating his girlfriend -- hitting her 117 times over the course of half an hour, all caught on a security camera in his home. The legal case more or less fell apart when the judge said that police seizing the video violated the 4th Amendment (they did so without a warrant). Without that evidence, and with the woman refusing to cooperate, prosecutors worked out a deal and Chahal plead guilty to two charges -- one domestic violence battery and one battery -- and got three years probation and a mandatory 52-week domestic violence training program.

Having covered many, many stories in which law enforcement violates the 4th Amendment and piles on charges on someone, there isn't much to comment on in the legal case. Police should have had a warrant to get that video, clearly -- and it's on them that they did not do that. You can't fault the judge for tossing out illegally seized evidence. But, at no point has anyone denied that the video exists or that it shows Chahal hitting his girlfriend 117 times. Given that, plenty of people are reasonably wondering (1) why Chahal is still CEO of a giant ad company that's expected to IPO soon and (2) why his board/investors has refused to respond to questions about Chahal.

There has been plenty of talk recently about how welcoming (or not) the tech industry is to females. Some of the stories of "brogrammers" or "bro" culture strike me as exaggerating reality. It exists in some cases, but it is far from true everywhere. Plenty of startups that I've spent time with not only seem to create diverse and welcoming environments, but often go out of their way to create such supportive cultures. But, at the same time, it's clear that not every tech company is like that, and many engineers -- both female and male -- have been turned off by such cultures (though not enough speak out when they see it). The industry itself needs to do a much better job of creating welcoming environments and one obvious and important way to do so is to not condone abhorrent behavior, such as that which Chahal engaged in. Leaving Chahal in charge of RadiumOne is an implicit statement that such behavior is somehow acceptable. That, by itself, is unacceptable.

The fact that the board and RadiumOne's investors have not spoken out creates not just a huge blackeye for the company, but for the wider tech industry as a whole.

from the but-it's-'not-a-tax!' dept

The number of times figureheads of the copyright industry have proposed (and often collected) a "you must be a pirate" tax on media are too numerous to count. (Not literally, of course, but it's been several dozen times…) The operative theory is that most people buy blank media and devicesonly to load it up with infringing content. This stems from the industry's innate fear that any new technological advance (VCRs, high speed internet connections) serve one purpose: to make infringement faster, easier and more widespread.

Jean Michel Jarre, a pioneer in the field of electronic music, has peeked into the future (well, more of the present, really) and has glimpsed an untapped goldmine -- one that would "allow" the common man/woman to pay what's "owed" to content creators.

[C]reators needed to sit down with phone companies, computer companies selling hardware, as well as the distributors of all kinds of art forms, and create the right business model for creators. He doesn’t, however, think that consumers should have to pay. “Music, photography, media, film – it’s all going to be free on the internet. We have to accept it,” he said.

But that doesn’t mean that creators can’t get paid. “Think about when you listen to a song on the radio,” he explained. “You are not paying for it, it’s not illegal to do it, because the rights have been paid for on top, beforehand, by the radio station, by the network. We have to find exactly the same kind of system with the internet.”

“We should never forget that in the smartphone, the smart part is us creators. If you get rid of music, images, videos, words and literature from the smartphone, you just have a simple phone that would be worth $50. Okay, let’s accept that there’s a lot of innovation in the smartphone, so let’s add $100 for this innovation – the remaining $300-$400 of the price should go to [the creators].”

Paying artists is not a tax or cultural levy, he said, adding that artists were here before electricity and will be here long after the internet. “We need each other, so at the end of the day we have to find the right partnership. We are talking about a business partnership, not a tax, and this shouldn’t affect the consumer.”

Jarre may be a talented musician, but if he thinks this "won't affect consumers" if creators are given $300-400 of the sale price of a smartphone, he's completely (or willfully) ignorant of market realities.

The $300-400 that smartphone makers are used to keeping for themselves (which Jarre handily believes is all profit margin) will have to come from somewhere. And that "somewhere" is the consumers. Instead of $499 MSRP, the phone will leap to $899-999. Once those prices go up, consumers will purchase fewer phones, especially with more service providers in the US looking to eliminate subsidized purchases. Fewer sales means less money flowing back to the creators -- which in time will mean those extracting this amount (based on the faulty assumption that the only thing that makes a smartphone "smart" is infringing content) will be back to ask for a higher fee -- which will result in even fewer sales -- and so on, ad infinitum, ad absurdum.

Despite his protestations, this fee (Jarre seems to approach it as a licensing strategy, right before asking for an arbitrary figure that's three-quarters of the retail price) is a tax/levy. The only way it wouldn't be is if phone makers entered into licensing agreements. But what would they be licensing? A new phone carries very little unlicensed content (if any) before the consumer fills it with their own. Some of this content will already be licensed, having been purchased from any number of legitimate services. Some content, of course, will not be licensed or otherwise paid for. But taking a chunk out of every sale presumes that all smartphones are nothing more than handy carrying cases for infringing content. Hence, it's a tax or levy, of the "you must be a pirate/criminal" variety.

For all of Jarre's defense of creation and innovation, he automatically gives the creators -- whose content may never be on the phone in an unlicensed form -- the largest portion of each phone sale. He makes a small concession for "innovation" that tops out at $100. "Creators" are apparently worth 3-4 times as much as the innovators who crafted the smartphone Jarre sees as an untapped revenue stream.

This clashes with Jarre's earlier statement where he says artists were here "before electricity" and will outlast the internet itself. If artists are everlasting and smartphones (or the internet) only fleeting, why is the payout so skewed towards the hardier species (so to speak)? Jarre wants to have it both ways: artists "deserve" this because they've been a cultural force since the beginning of time but are simultaneously on the verge of extinction and badly in need of a handout from the Hot Tech Thing Du Jour.

He drives this cognitive dissonance home further with this:

“We are the people creating the future – not manufacturers of computers or cables. We are the extraordinary."

Well, if that's the case, maybe the people "creating the future" should be taking a smaller cut than these short-sighted tech innovators, or better yet, pitching in to keep these manufacturers of pocket-sized cultural vessels afloat until the next wave of innovation hits.

Underneath it all, he's right about the creative force of the world's population. It will continue even without grabbing 75% of a smartphone's retail price. The world's creators didn't wait until adequate copyright protections were codified by their respective governments before creating and they'll continue to create even if they think the world's tech innovators are somehow coattail-riding their creations to the tune of billions of dollars. They'll do it in the face of piracy and the addition of innumerable "competitors" thanks to the elimination of barriers to entry.

Jarre gazes at this longevity and strength and sees it as a position of leverage against (apparently) parasitic tech companies. When he smashes it all together to make his clumsy point, the strength is now supposedly a weakness, and creators nothing more than a disadvantaged group begging for loose change outside a manufacturer's headquarters. It becomes as incongruous as a Mob enforcer telling his extortion victims that the reason they have to pay is because he a.) can kill them and their families and b.) because he's a disenfranchised member of an ethnic group that has been historically poorly-treated in America.

from the it's-not-almost dept

Steven Levy, who specializes in massive articles looking into aspects of the tech industry, has a new one for Wired, called How the NSA Almost Killed the Internet. It basically looks at how the NSA legally coerced the tech companies into having to comply with certain court orders to hand over information, and how the tech companies have been gagged from explaining what's going on. And then... he gets the NSA's side of the story. Much of what's in there is stuff that you probably already know (especially if you read Techdirt regularly), but I wanted to call out a few tidbits that I hadn't seen or heard anywhere else before:

Google doesn't charge the government for requests for information:

FISA requires the government to reimburse companies for the cost of retrieving information. Google says it doesn’t bother to charge the government. But one company says it uses that clause, hoping to limit the extent of the requests. “At first, we thought we shouldn’t charge for it,” says an executive of that company. “Then we realized, it’s good—it forces them to stop and think.”

This is kind of a "damned if you do/damned if you don't" situation. I know plenty of folks in the civil liberties community go back and forth on it. When companies do charge, then you see articles about how companies are "making a profit" off of violating our privacy. If they don't charge, then you see arguments about how they're making it too easy for the government to get info. Either way, the standard has been to charge basic costs, so it's interesting to see that Google doesn't charge at all, probably betting on the fact that if they did, it would be misrepresented. Of course, the fact that they don't might be misrepresented as well.

The NSA has no response to fear of future abuse of programs beyond "we'd never do that." Seriously.

Critics charge that while there is not yet any evidence of massive abuse of the NSA’s collected data, there is also no guarantee that a future regime won’t ignore these touted protections. These officials discounted that possibility, saying that the majority of NSA employees wouldn’t stand for such a policy. “If that happened, there would be lines at the Inspector General’s office here, and at Congress as well—longer than a Disneyland line,” Ledgett says. (The fates of several NSA employees-turned-whistleblowers indicate that anyone in that hypothetical queue would be in for a ride far wilder than anything in Anaheim.)

Sure, except there's a very long history of the NSA and the FBI doing exactly the opposite (the claim of no evidence of massive abuse is not actually true). And, as Levy notes in that final parenthetical, the way whistleblowers are treated these days would probably shorten that line quite a bit.

Keith Alexander admits that companies were compelled to comply and admits that we should stand up for the companies not to be harmed by all of this:

“This isn’t the companies’ fault. They were compelled to do it. As a nation, we have a responsibility to stand up for the companies, both domestically and internationally. That is our nation’s best interest. We don’t want our companies to lose their economic capability and advantage. It’s for the future of our country.”

Those words could have come from a policy spokesperson for Google, Facebook, Microsoft, or Yahoo. Or one of the legislators criticizing the NSA’s tactics. Or even a civil liberties group opposing the NSA. But the source is US Army general Keith Alexander, director of the NSA. Still, even as he acknowledges that tech companies have been forced into a tough position, he insists that his programs are legal, necessary, and respectful of privacy.

This is just bizarre. If he doesn't want the companies to lose their economic capability and advantage, maybe he shouldn't have undermined a large portion of it.

Companies were given about 90 minutes to respond to the (misleading) claims in the original PRISM article that they had given the NSA direct access to their servers.

“We had 90 minutes to respond,” says Facebook’s head of security, Joe Sullivan. No one at the company had ever heard of a program called Prism. And the most damning implication—that Facebook and the other companies granted the NSA direct access to their servers in order to suck up vast quantities of information—seemed outright wrong. CEO Mark Zuckerberg was taken aback by the charge and asked his executives whether it was true. Their answer: no.

Similar panicked conversations were taking place at Google, Apple, and Microsoft. “We asked around: Are there any surreptitious ways of getting information?” says Kent Walker, Google’s general counsel. “No.”

This remains one of the most unfortunate bits about the Snowden leaks. While I think that Barton Gellman, Glenn Greenwald and Laura Poitras have done an incredible job with most of their reporting, the original PRISM stories that appeared in the Washington Post and Guardian both came out rushed and were misleading, which is still impacting how people are reporting on these things today. The PRISM program and Section 702 of the FISA Amendments Act have serious issues that need exploring, but it's all been distorted by the misleading initial claims, which implied things that just weren't true.

The NSA claims it uses the very same encryption that it tries to push everyone else to use. Yes, the same encryption that Snowden docs have revealed was compromised by the NSA.

And the NSA insists that, despite the implications of those Snowden-leaked documents, it does not engage in weakening encryption standards. “The same standards we recommend are the standards we use,” Ledgett says. “We would not use standards we thought were vulnerable. That would be insane.”

Sorry, but no one believes that one at all. The clear takeover by the NSA of NIST standards shows that's clearly not true.

The NSA still doesn't realize how serious all of this is. They still think it's just been blown out of proportion.

They understand that journalism conferences routinely host sessions on protecting information from government snoops, as if we were living in some Soviet society. And they are aware that multiple security specialists in the nation’s top tech corporations now consider the US government their prime adversary.

But they do not see any of those points as a reason to stop gathering data. They chalk all of that negativity up to monumental misunderstandings triggered by a lone leaker and a hostile press.

Patent troll Nathan Myhrvold is also completely clueless about national security:

Former Microsoft research head Nathan Myhrvold recently wrote a hair-raising treatise arguing that, considering the threat of terrorists with biology degrees who could wipe out a good portion of humanity, tough surveillance measures might not be so bad. Myhrvold calls out the tech companies for hypocrisy. They argue that the NSA should stop exploiting information in the name of national security, he says, but they are more than happy to do the same thing in pursuit of their bottom lines. “The cost is going to be lower efficiency in finding terrorist plots—and that cost means blood,” he says.

This is stupid on so many levels. First, the old argument that it's somehow equivalent of tech companies and the NSA to make use of information -- a claim that Levy ridiculously repeats multiple times in his article -- is a line that has been debunked so many times it's really beneath Levy to give it any life at all, let alone refuse to point out how stupid it is. Companies provide a direct service to users, and they make a decision: If I give this information, I get this service in return. It's a decision made by the consumer, and a trade-off where they decide if it's worth it. We can argue that people should have more information about the costs and benefits, but it's still a trade-off where the final decision is their own. The NSA, on the other hand, is not providing a choice or a trade-off. They're just taking everything in exchange for nothing. And, oh yeah, they have guns and can put you in jail -- something no company can do.

Second, Myhrvold incorrectly buys completely the line that all this data collection has been helpful in stopping terrorists. There's just one problem: there is no evidence to support that. Besides, based on his idiotic reasoning, we might as well just do away with pretty much all our rights. For example, I'm pretty sure that we could all have protected Myhrvold more completely if there were video cameras streaming video of everything he did within the privacy of his own home, cars, office or just walking around, right? We could certainly make sure that no one was attacking him or, better yet, that he wasn't about to attack anyone. The cost of not spying on every moment of Nathan Myhrvold might mean "blood." So, based on his own logic, we should violate his privacy, right?

All in all there's a lot in the article that's worth reading, but those were a few key points that really stood out.